<?php
  if(!isset($_POST['enviado'])){
      
      echo "
            <form id='login' name='login' method='post' action=''>
                <fieldset class='center'>
                <div >
                    <label for='user' class='texto'>Usuario</label><br>
                    <input id='user' name='user' type='text' class='input' maxlength='40' placeholder='user' onkeyup='toMinus(this)' >
                </div>
                
                <div >
                    <label for='user' class='texto'>Contraseña</label><br>
                    <input id='pass' name='pass' type='password' class='input' maxlength='40' placeholder='password' >
                </div>
                </fieldset>
                <input type='hidden' name='enviado' id='enviado' value=''>
                <a href='#' class='boton'  onClick='enviar();'>Enviar</a>
            </form>

            ";
  }
    else
        {  
           
            $user=$_POST["user"];
            $pass=$_POST["pass"];

            $mysqli= new mysqli("localhost","estageco_cliente","cli3nt3-123+1","estageco_cortex");
            $acentos = $mysqli->query("SET NAMES 'utf8'");
            $query="CALL VERIFICA_CLIENTE('$user','$pass');";
            $sentencia=$mysqli->prepare($query);
            if($sentencia){   $sentencia->execute();
                              $sentencia->bind_result($result);
                              $sentencia->fetch(); 
                              $sentencia->close(); 
                          }
            $mysqli->close();
            
            if(!($result=='ACCEPTED')){       
                echo "<div class='errorMsg'><img src='images/simbolo-error.png'><br>DATOS INVÁLIDOS</div>
                                          <script type=text/javascript> 
                                                    function actual(){
                                                        window.location = 'index.php';
                                                      }
                                                      setTimeout ('actual()', 3900);
                                          </script>";
                session_destroy();
            }
            else {
                    
                    $login = uniqid();
                    $_SESSION['login'] = $login;
       
                   $mysqli= new mysqli("localhost","estageco_cliente","cli3nt3-123+1","estageco_cortex");
                   $acentos = $mysqli->query("SET NAMES 'utf8'");
                    $query="CALL ROOT_CLIENTE('$user','$pass')";
                      if ($sentencia = $mysqli->prepare($query)) {    $sentencia->execute();
                                                                      $sentencia->bind_result($id_usuario);
                                                                      $sentencia->fetch(); 
                                                                      $sentencia->close();
                                                                      $_SESSION['id_usuario']=$id_usuario;
                                                                    }

                      $mysqli->close();
                      
                      echo "<script type=text/javascript> window.location = 'interface/index.php'; </script>";  
                
            }
            
            
            
        }
?>
 